Improving Generalization on Cybersecurity Tasks with Multi-Modal Contrastive Learning

The use of ML in cybersecurity has long been impaired by generalization issues: Models that work well in controlled scenarios fail to maintain performance in production. The root cause often lies in ML algorithms learning superficial patterns (shortcuts) rather than underlying cybersecurity concepts. We investigate contrastive multi-modal learning as a first step towards improving ML performance in cybersecurity tasks. We aim at transferring knowledge from data-rich modalities, such as text, to data-scarce modalities, such as payloads. We set up a case study on threat classification and propose a two-stage multi-modal contrastive learning framework that uses textual vulnerability descriptions to guide payload classification. First, we construct a semantically meaningful embedding space using contrastive learning on descriptions. Then, we align payloads to this space, transferring knowledge from text to payloads. We evaluate the approach on a large-scale private dataset and a synthetic benchmark built from public CVE descriptions and LLM-generated payloads. The methodology appears to reduce shortcut learning over baselines on both benchmarks. We release our synthetic benchmark and source code as open source.

Label-free SERS Discrimination of Proline from Hydroxylated Proline at Single-molecule Level Assisted by a Deep Learning Model

Discriminating the low-abundance hydroxylated proline from hydroxylated proline is crucial for monitoring diseases and eval-uating therapeutic outcomes that require single-molecule sensors. While the plasmonic nanopore sensor can detect the hydrox-ylation with single-molecule sensitivity by surface enhanced Raman spectroscopy (SERS), it suffers from intrinsic fluctuations of single-molecule signals as well as strong interference from citrates. Here, we used the occurrence frequency histogram of the single-molecule SERS peaks to extract overall dataset spectral features, overcome the signal fluctuations and investigate the citrate-replaced plasmonic nanopore sensors for clean and distinguishable signals of proline and hydroxylated proline. By ligand exchange of the citrates by analyte molecules, the representative peaks of citrates decreased with incubation time, prov-ing occupation of the plasmonic hot spot by the analytes. As a result, the discrimination of the single-molecule SERS signals of proline and hydroxylated proline was possible with the convolutional neural network model with 96.6% accuracy.